Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp1488527rdb; Wed, 6 Dec 2023 23:46:54 -0800 (PST) X-Google-Smtp-Source: AGHT+IHespClYHDu6ZXTQ7IxwdIhxngI2AZz62yNeUr0EVmIBxpEUjeUJlz/mWKmdW8fr2p7C5a3 X-Received: by 2002:a05:6a21:3102:b0:18f:97c:ba21 with SMTP id yz2-20020a056a21310200b0018f097cba21mr2463160pzb.123.1701935214496; Wed, 06 Dec 2023 23:46:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701935214; cv=none; d=google.com; s=arc-20160816; b=PqyC2nw9qxATq3hj3N6MipsMkiB/gB0WVuUeVVliFmtqtFx8gVOHSR6OeGztsuQhwH shjPQXYRa1luoM7GJeO1s2MCGmPDi+3vH0mSH0Wloa3guLgXVdW86l0gDEwnmmv1x/fm z4PR6uOktpfP+T8YU5KZ8ok83aRqjva9x+M4Xl11T1+7PGZDRc2Ce7D3kYOYsjqDwpbt zfKyiZ75NYIouYSbEWTee2s2ij3jyVFsizyCjd6Oe3Wt0FP3pWf3YfLqSUqsI0Rjn+FV /30rtnzLfZmVfoxmY5QGJFcNe/Xf479JecDZT3QSJQsnljjUjl7xKArIB6fpIyzOnrbZ thnw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:dkim-signature:date; bh=kbU/WpF0mWyAkPnbK/9TxKMOYVzl+goNFSGyzE87t/g=; fh=D/YkUPEqvfZ5tGYYuOAq3zOvKYNgogjkqg0dgsq8cCE=; b=KxUbRngvessOwnhIhQvNFGOL46r7urLQn+9oMAVkT0MiCm4As/UQ8doeYi49mlLQQB gh3qmFvSPZBSVabJMWIOoWD7j+ROaMuXig1A+3GyCy9Zhw0QwT7CMDUCCogmFjIj0fjQ S94faX8DxeFIm2oO8KovCo1uxbn9yQQVNQaywrRHApbdt4Eyc23pkrdapbJC7NJphEXN gfmcAOgw0wJGROB8MIH7HQAY2IWFYvEXuxg7k77mFK+LpFGuD1yOtpDd168hcmvs23k6 63FMSApO9QJy9Pkm8FhnfB2hcr1QVK3YxdJ8F8kDU3lDwVPQQPcf00AYM6YRF/OsL02a Tw4A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=fCbIeUO4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Return-Path: Received: from pete.vger.email (pete.vger.email. [2620:137:e000::3:6]) by mx.google.com with ESMTPS id l2-20020a056a00140200b006ce7bda5f0fsi777456pfu.314.2023.12.06.23.46.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 06 Dec 2023 23:46:54 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) client-ip=2620:137:e000::3:6; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=fCbIeUO4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by pete.vger.email (Postfix) with ESMTP id 1DF7681FD299; Wed, 6 Dec 2023 23:46:52 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at pete.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377989AbjLGHqf (ORCPT + 99 others); Thu, 7 Dec 2023 02:46:35 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43544 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1377955AbjLGHqd (ORCPT ); Thu, 7 Dec 2023 02:46:33 -0500 Received: from out-182.mta1.migadu.com (out-182.mta1.migadu.com [95.215.58.182]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A6AB0D44 for ; Wed, 6 Dec 2023 23:46:39 -0800 (PST) Date: Thu, 7 Dec 2023 02:46:31 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1701935197; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=kbU/WpF0mWyAkPnbK/9TxKMOYVzl+goNFSGyzE87t/g=; b=fCbIeUO4ItcAfnqfIF+XXPX1AnclYQ6+DKLE2NX9GJ3J09uGxc59qXr3qcpfgIYjj8Snkp GyJj4LgVG+WnLfR5EHeMuX9ZUUfQcfq6kBRbVGFd6pTMNG0gyoulQOkHlDg6MPj9hiN7LC eww02zMQXQct8BLVZ2FSwOWUnMkw9hI= X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Kent Overstreet To: Greg Kroah-Hartman Cc: Peter Zijlstra , Alice Ryhl , Miguel Ojeda , Alex Gaynor , Wedson Almeida Filho , Boqun Feng , Gary Guo , =?utf-8?B?QmrDtnJu?= Roy Baron , Benno Lossin , Andreas Hindborg , Alexander Viro , Christian Brauner , Arve =?utf-8?B?SGrDuG5uZXbDpWc=?= , Todd Kjos , Martijn Coenen , Joel Fernandes , Carlos Llamas , Suren Baghdasaryan , Dan Williams , Kees Cook , Matthew Wilcox , Thomas Gleixner , Daniel Xu , linux-kernel@vger.kernel.org, rust-for-linux@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: Re: [PATCH 5/7] rust: file: add `Kuid` wrapper Message-ID: <20231207074631.7xjqkkn4oaw32xm6@moria.home.lan> References: <20231129-alice-file-v1-0-f81afe8c7261@google.com> <20231129-alice-file-v1-5-f81afe8c7261@google.com> <20231130103635.GA20191@noisy.programming.kicks-ass.net> <20231206200224.rkdkuozztzg2wusj@moria.home.lan> <2023120716-ferocious-saffron-c595@gregkh> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2023120716-ferocious-saffron-c595@gregkh> X-Migadu-Flow: FLOW_OUT X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on pete.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (pete.vger.email [0.0.0.0]); Wed, 06 Dec 2023 23:46:52 -0800 (PST) On Thu, Dec 07, 2023 at 08:18:37AM +0100, Greg Kroah-Hartman wrote: > On Wed, Dec 06, 2023 at 03:02:24PM -0500, Kent Overstreet wrote: > > On Thu, Nov 30, 2023 at 11:36:35AM +0100, Peter Zijlstra wrote: > > > On Wed, Nov 29, 2023 at 01:12:17PM +0000, Alice Ryhl wrote: > > > > > > > diff --git a/rust/helpers.c b/rust/helpers.c > > > > index fd633d9db79a..58e3a9dff349 100644 > > > > --- a/rust/helpers.c > > > > +++ b/rust/helpers.c > > > > @@ -142,6 +142,51 @@ void rust_helper_put_task_struct(struct task_struct *t) > > > > } > > > > EXPORT_SYMBOL_GPL(rust_helper_put_task_struct); > > > > > > > > +kuid_t rust_helper_task_uid(struct task_struct *task) > > > > +{ > > > > + return task_uid(task); > > > > +} > > > > +EXPORT_SYMBOL_GPL(rust_helper_task_uid); > > > > + > > > > +kuid_t rust_helper_task_euid(struct task_struct *task) > > > > +{ > > > > + return task_euid(task); > > > > +} > > > > +EXPORT_SYMBOL_GPL(rust_helper_task_euid); > > > > > > Aren't these like ideal speculation gadgets? And shouldn't we avoid > > > functions like this for exactly that reason? > > > > I think asking the Rust people to care about that is probably putting > > too many constraints on them, unless you actually have an idea for > > something better to do... > > It's not a constraint, it is a "we can not do this as it is buggy > because cpus are broken and we need to protect users from those bugs." > > If we were to accept this type of code, then the people who are going > "it's safer to write kernel code in Rust" would be "pleasantly > surprised" when it turns out that their systems are actually more > insecure. > > Hint, when "known broken" code is found in code review, it can not just > be ignored. We're talking about a CPU bug, not a Rust bug, and maybe try a nm --size-sort and see what you find before throwing stones at them...